Several services are accessing named pipes in Ivanti Endpoint Manager up to and including 2020.1.1 with default or overly permissive security attributes; as these services run as user ‘NT AUTHORITY\SYSTEM’, the issue can be used to escalate privileges from a local standard or service account having SeImpersonatePrivilege (eg. user ‘NT AUTHORITY\NETWORK SERVICE’).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ivanti endpoint manager |